Items Tagged with "Network Security"


1de705dde1cf97450678321cd77853d9

Somewhere Over The Rainbow – A Story About A Global Ubiquitous Record of All Things Incident

October 10, 2012 Added by:Ian Tibble

Most businesses don’t even know they were hacked until a botnet command and control box is owned by some supposed good guys somewhere, but all talk of security is null and void if we acknowledge reality here. So let’s not talk reality...

Comments  (0)

94ae16c30d35ee7345f3235dfb11113c

The Derecho Named Cyber

October 10, 2012 Added by:Joel Harding

The discussions we had back in the mid-90s are still ongoing, we still don’t have a proper information sharing cybersecurity bill and people still don’t trust the government to maintain their privacy. Please, members of congress and business leaders, work on cybersecurity as if our lives depend on it...

Comments  (1)

F66c1a87a8db2cb584b4e06e93a84ce3

Online Banking: A Trust Opportunity to (Re)gain?

October 09, 2012 Added by:Mikko Jakonen

How come banks are telling people to maintain their security better, without putting their OWN reputation and capabilities in line with the DIRECT consequences of the change paradigm towards ‘webalized’ approach we have witnessed for years, has now resulted as poor operational security...

Comments  (0)

Bd07d58f0d31d48d3764821d109bf165

What’s Your Horizon of Focus for Security?

October 09, 2012 Added by:Tripwire Inc

In the corporate world, we talk a lot about corporate goals & objectives. In the US Government, you hear a lot about “The Mission,” which is the unifying goal that ties an agency (or multiple agencies) together in a shared sense of purpose. I’m a big believer in connecting our actions as information security professionals to The Mission...

Comments  (0)

888605c6c25c19e41bbbb986ea6d43c1

Another HAck-bAck Blog

October 04, 2012 Added by:Jim Palazzolo

Is it the legal structure that makes it taboo, or the ambiguity of the target? What are the implications? Could a corporation accidentally set off a cyber flashpoint by attacking targets in other countries? And, is it an organization’s legal right, like an individual, to defend itself?

Comments  (1)

E313765e3bec84b2852c1c758f7244b6

Ask The Experts: Workstation Malware

October 04, 2012 Added by:Brent Huston

Once we’ve embraced the fact that we need better detection and response mechanisms, we start to see how honeypots can help us but also how creating better awareness within our users can be the greatest investment an organization might make in detection...

Comments  (0)

0356a83ecb15c8e33b00560d7bebe47f

How to Protect against Denial of Service Attacks: Refresher

October 03, 2012 Added by:Stephen Marchewitz

In order to mitigate this threat, ISPs will need to combine their efforts. It would take a global effort on the part of the ISPs. Until then, the capabilities are there to deal with the issue when it arises on a per incident basis...

Comments  (3)

7fef78c47060974e0b8392e305f0daf0

Cyberwar, Cyberdouchery, and Where the Rubber Meets the CyberRoad

October 01, 2012 Added by:Infosec Island Admin

The cyberwar is upon us and we had best start taking it seriously because people in power are making plans, and like biological warfare, it seems perhaps there could be unforeseen circumstances that could trigger bigger and worse things. Plan accordingly and think a bit more cogently...

Comments  (2)

D8853ae281be8cfdfa18ab73608e8c3f

Old School On-Target NBNS Spoofing

September 30, 2012 Added by:Rob Fuller

So it turns out that Windows Firewall talks IP addresses just like any other firewall, so if you configure FakeNetBIOSNS to tell everyone that the IP address for whatever they looked up is YOUR IP, guess what, no need to bypass the spoof filters...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

On the Lack of IT Readiness: The Security Edition

September 30, 2012 Added by:Rafal Los

Sticking to the basics wouldn't be such a bad thing in Security... if we had a clue on how to do the basics right. I know plenty of people who pentest all day every day and they'll be the first to tell you how easy it is to break in because defenses are so weak, if they exist at all...

Comments  (0)

B64e021126c832bb29ec9fa988155eaf

Surviving a Public Infrastructure or Energy Grid Attack

September 27, 2012 Added by:Dan Dieterle

What would you do if the lights suddenly went out? Where would you get news from? Or more importantly water? Keep cool or get heat? Though many disregard warnings about critical infrastructure attacks what if the worst did happen, would you be prepared?

Comments  (2)

0a8cae998f9c51e3b3c0ccbaddf521aa

Java in the Cross-Hairs of Enterprise Security

September 26, 2012 Added by:Rafal Los

Enterprises seem to have a love-hate relationship with Java. It's a client we aren't thrilled with, but when it comes to cross-platform use there aren't really any other alternatives. If you look around you'll find that many of the security platforms are written in what? Java...

Comments  (0)

03b2ceb73723f8b53cd533e4fba898ee

Expect New Wave of Cyber Attacks Against Banking

September 26, 2012 Added by:Pierluigi Paganini

A possible Iranian cyber offensive against US banks has been discussed recently, and immediately denied by government of Teheran. Financial institutions are targets for a cyber attacks, as the banking system is a critical asset for a nation and its paralysis could damage economic activities...

Comments  (0)

8c989dc4fa2c14780c6e1b9bc7c6c5e6

Do Reverse Proxies Provide Real Security?

September 25, 2012

We used the OSSTMM 3 so we could measure the Attack Surface. Even though, measuring the Attack Surface with RAVs seems complicated at first, it is actually pretty straight-forward once you understand the concepts. The results of this research can be found in this paper...

Comments  (0)

924ce315203c17e05d9e04b59648a942

Three Keys to Managing Firewalls for Better Security

September 25, 2012 Added by:Richard Stiennon

The that firewalls do not provide value had its first incarnation in de-perimeterization. The idea is that because network security is so hard we should give up and focus on securing the endpoints and data that travels between them. In reality we have to defend four separate domains...

Comments  (1)

Bdcd1324539ec513ff7c10014b9668b6

Investigating In-Memory Network Data with Volatility

September 25, 2012 Added by:Andrew Case

This post will discuss Volatility’s new Linux features for recovering network information including enumerating sockets, network connections, and packet contents, and will discuss each plugin along with implementation, how to use it, output, and which forensics scenarios apply...

Comments  (0)

Page « < 2 - 3 - 4 - 5 - 6 > »